Working with your Board to Improve Risk Management and Board Risk Oversight

PowerPoint PresentationPage *
Recording of this session via any media type is strictly prohibited.
Page *
Working with your Board to Improve Risk Management and Board Risk Oversight
Paul Walker – Schiro/Zurich Chair of ERM at St. John’s University
Arya Yarpezeshkan – CRO at the Navigator’s Group
Joe Pugh – Sr. Advisor, ERM at AARP
Page *
• Paul Walker, Ph.D., CPA
• Arya Yarpezeshkan
• Joe Pugh
Presenters
Page *
Top Issues for Boards
Risk oversight
Strategic risks
Investors want more information on strategy and risk oversight (what the board is thinking)
To create objectives targeted to the audience and desired level of learning/thinking:
1. Ask yourself whether you want attendees to be able to: know, apply, integrate, consider the human
dimension, care, learn to learn, comprehend, apply, analyze, synthesize, or evaluate .These outcomes
represent different levels/kinds of thinking.
2. Match your action words to the desired level of learning/thinking (see Presenter Tips #1 at end of presentation template)
3. Match learning objective with appropriate teaching/learning strategy (see Presenter Tips #2 at end of presentation template).
*
Page *
SEC 2014 National Exam Priorities
Designed to:
communicate with investors and registrants about areas that the staff perceives to have heightened risk
and to support the Securities and Exchange Commission (“SEC”) mission to protect investors;
*
Page *
SEC 2014 National Exam Priorities
Corporate Governance, Conflicts of Interest, and Enterprise Risk Management. The NEP will continue to meet with senior management and boards of entities registered with the SEC, including their affiliates where appropriate, to discuss how each firm identifies and mitigates conflicts of interest and legal, compliance, financial, and operational risks. This initiative is designed to: (i) evaluate firms’ control environment and “tone at the top,” (ii) understand firms’ approach to conflict and risk management, and (iii) initiate a dialogue on key risks and regulatory requirements.
*
Page *
What to Expect
Strategies for working with your board
Ways to present and report an integrated, transparent view of your organization’s risks
Ideas on improving and benchmarking risk management and board risk oversight
*
Page *
1. INTERNATIONAL SPECIALTY INSURANCE UNDERWRITER
3. ONE OF THE “100 MOST TRUSTWORTHY COMPANIES” BY FORBES.COM
2. FOCUSED ON MARINE, ENERGY, SPECIALTY CASUALTY, AND D&O / PROFESSIONAL LIABILITY
Page *
*
Governance & Compliance
Risk Sub-Committee
UW & Claims
Risk Sub-Committee
Page *
Recommendation: Clarify roles and responsibilities
Roles and Responsibilities
Oversight
Escalation
Coordination
Ownership
Assurance
Page *
Recommendation: Provide the Appropriate Information For the Board to Execute its Oversight Duties
Is the board receiving the information it needs to foster effective risk oversight, or is it drowning in data providing little knowledge or insight?
Are we providing the appropriate information for the board to determine if management is effectively managing risk?
Is there sufficient agenda time for discussing the enterprise’s risks?
Page *
Recommendation: Know Your Audience
Unsure of the appropriate level of detail? Then ask them.
Page *
Example: Board Risk Reporting
3. Key risks
4. Risk events
Agenda
Page *
Page *
Page *
Page *
Summary
Investment risk increased by xx% as a result of heightened volatility in the Treasury Markets; however, the risk is still within our tolerances.
Risk Drivers
Quantification
Page *
Investment Key Risk Indicators
Volatility at 99% VaR
Global Financial Stress Scenarios
Page *
Prolonged Power Blackout
Page *
Takeaways
Have a governance framework that is appropriate and effective for your organization
Clarify responsibilities
Use the Report Appendix to your advantage
The information presented herein is for informational purposes only and is not intended to be legal, accounting or other professional advice or opinions on specific facts or matters, used for trading or investment purposes or a complete description of certain aspects of the business of Navigators and its operating subsidiaries.
Page *
1. SOCIAL MISSION ORGANIZATION
4. A TRUSTED SOURCE OF INFORMATION
5. OFFERS ACCESS TO PROGRAMS, SERVICES & DISCOUNTS
6. CONNECTS PEOPLE TO VOLUNTEER OPPORTUNITIES
Page *
ERM at AARP
Page *
Recommendation: Assign ERM to the full board and keep them focused
Does the full board have primary governance oversight?
Is the full board focused on the top strategic risks?
Is the full board dealing with the details of how management is managing the risks?
Is the board’s role one of “risk” management or “list” management?
Page *
Recommendation: Include ERM on board self-assessment
“Critical risks facing the organization are proactively identified by management and fully vetted with the board”
“An appropriate process is in place to effectively manage each of the critical risk areas”
“The board holds management accountable for effective ERM stewardship”
Page *
Recommendation: Benchmark your program
Board’s like to know how your program stacks up
Is the board comfortable that you have an effective program in place for managing risks?
– If not, share statistics
Page *
Recommendation: Keep risk reporting simple
Does the board have the right information for effective risk oversight?
Content over quantity
Are we providing transparency and insight in our risk reporting?
Page *
Page *
Page *
Page *
Page *
Takeaways
Assign ERM to the full board and keep them focused
Include ERM on board self-assessment
Benchmark your program
Page *
Board Risk Oversight Improvement
ERM: required and also increases value, lowers earnings volatility, leads to better decisions, improves reputation…
Governance metrics are used by analysts, viewed by the market, bad/good news, impact the ability to attract board members
We have governance metrics and board assessment but not BRO metrics or assessment
*
Page *
BRO Methods
BRO assessment and self-assessment
BRO metrics and questions
*
Page *
BRO 30 (Walker et al. 2012)
RCC 27 (Walker et al. 2014)
*
Page *
Board Risk Oversight Tool
In recent work the authors found that the number one tool used by companies to manage risk is not some sophisticated modeling tool or even a risk assessment exercise. Instead, the number one tool preferred by many companies is to have a conversation about risks with management, and with and among the board. The tool presented here is not meant to replace that conversation, but should be used to ignite that conversation.
*
Page *
Tool
The board and the organization have a rigorous strategic plan which incorporates all major and emerging risks.
The board is comfortable that management has identified all enterprise level risks.
The board has a clearly defined risk oversight process and has clearly established risk responsibility.
The organization has a CRO or ERM leader with direct line reporting to the board or a respective board committee.
The board quarterly reviews risk maps, risk dashboards, or related risk reporting.
The board and organization go beyond risk maps and generate risk action plans as well as related risk metrics.
Corporate decision making includes a discussion of the potential risks embedded in those decisions.
The organization is prepared for a S&P or Moody’s assessment of their ERM process.
The board is informed of emerging risks on a timely basis.
The board has received ERM training.
*
Page *
Tool
Executives openly share all risk information with board committees.
The organization has had no major risk debacles in the past fiscal period.
Executives and management level risk committees have adequate resources and training to identify and manage risks.
Important risk information is streamlined and reported to the appropriate executives and board level committees promptly.
ERM is viewed as a critical way to create value and grow the organization, while taking the appropriate risks.
The organization identifies the risks related to compensation plans.
Performance is evaluated in relation to the risks taken in achieving that performance.
The organization views and assesses risk by business unit.
*
Page *
Tool
The board is engaged in the discussion of strategy and the related risks.
The board includes some members who are experts in the organization’s relevant risks or risk oversight.
The board feels confident in the risk oversight process.
The board examines its own talent for diversity of views and for the ability to oversee risk.
The board examines risks that management missed to determine if the risk was not identified or if it was not assessed properly. The feedback is used to manage future risks better.
The board has good communication with the CEO on the risks facing the enterprise (both current and emerging).
The board and management regularly assess their ERM process.
*
Page *
St John’s Univ/Tobin College of Business
MS Risk
Center for Excellence in ERM
Executive Education – Certificate in ERM
Booth _____
Page *
Questions, Final Comments and
LOWEmerging Risk 3
Time frame
%$%$
1. Maintain a maximum single risk net incurred loss tolerance < x% of shareholder equity
2. A single loss-producing event (natural or man-made catastrophe) will not generate net incurred loss of more than x%
of shareholders equity, as measured at a 99.6th % excedance probability (1-in-250 year).
3. Multiple loss-producing events within a single 12 month period will not generate net incurred loss of more than x% of
shareholders equity, as measured at a 99.6% excedance probability (1-in-250 year).
4. A single or combination of exogenous economic shocks will not result in a de-valuation of invested assets greater
than x%, in any continuous 12 month period or less, as measured at a 99.6% excedance probability (1-in-250 year).
5. No single Division will constitute more than x% of our GWP in any single calendar year.
6. Maintain broad and deep intellectual capital in our underwriting units to ensure that business interruption from loss
of key personnel cannot cause more than x% of lost GWP over the course of a single year.
7. Business interruption (from external event, disruption to systems / premises) will be mitigated so that no more than
x% of GWP is lost over the course of a year.
Q4 13
Stochastically modeled. Investment data as of 9/30/2013. Q4 131/100 yr$xx$xx$xx
Figures in (000s)
Q3 2013
Japan Earthquake - Mar 2011
Equities up 10%
Equity Markets Rebound - 2009
Solar Storm events, Failing infrastructures; Cyber attacks
The event could impact multiple lines of business and cause signficant supply chain disruptions.
Traditional loss scenarios only assume power blackouts for a few hours or days. However, space weather events or coordinated terror attacks
could cause prolonged blackouts with significant impacts on society and industry. Critical infrastructure such as communication and transport
would be hampered, heating and water supply would stop, and production processes and trading would seize.
6 m - 2 years (medium-term)

Documents

Working with your Board to Improve Risk Management and Board Risk Oversight